Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

CVE-2019-9325: Android 10 Security Release Notes  |  Android Open Source Project

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302

CVE
#vulnerability#android#google#dos#rce
CVE-2019-9376: Android Security Bulletin—January 2021  |  Android Open Source Project

In Account of Account.java, there is a possible boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android; Versions: Android-9, Android-8.0, Android-8.1; Android ID: A-129287265.

CVE-2019-16294: Scintilla

SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.

CVE-2016-10954: Unrestricted Upload/RCE in Neosense theme 1.7

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.

CVE-2019-16113: Bludit v3.9.2 Code Execution Vulnerability in "Upload function" · Issue #1081 · bludit/bludit

Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.

CVE-2019-9456: Pixel Update Bulletin—September 2019  |  Android Open Source Project

In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2019-5032: TALOS-2019-0794 || Cisco Talos Intelligence Group

An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.

CVE-2019-5033: TALOS-2019-0795 || Cisco Talos Intelligence Group

An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.

CVE-2019-5041: TALOS-2019-0805 || Cisco Talos Intelligence Group

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability.